Site sarrz.com is an informational source and under no circumstances is not a public offer defined by the provisions of article 437(2) of the Civil Code of the Russian Federation.
The site administrator has the right to make adjustments to these Terms, in this case, if the user continues to use the site, this means that he/she automatically agrees with the changes.
1. Basic concepts and definitions
1.1. Website is a set of web pages placed on the Internet, united by a single theme, design and a single address space of the domain sarrz.com.
1.2. Site administrator is authorized employees on site management, acting on behalf of the Company, organizing and (or) processing of personal data, as well as defining the purpose of processing of personal data, the composition of personal data to be processed, actions (operations) performed with personal data.
1.3. User is an adult capable physical person, who has access to the Site via the Internet.
1.4. Personal data (PD) is any information relating directly or indirectly to a specific or identifiable natural person (subject of personal data).
1.5. Confidentiality is the need to prevent leakage (disclosure) of any information.
1.6. Confidentiality of information is a mandatory requirement for a person who has gained access to certain information not to transfer such information to third parties without the consent of its owner.
1.7. Processing of personal data is any action (operation) or a set of actions (operations) performed with or without the use of automation tools with personal data, including collection, recording, systematization, accumulation, storage, clarification (update, change), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data.
1.8. Automated processing of personal data is processing of personal data by means of computer technology.
1.9. Dissemination of personal data is the actions aimed at disclosure of personal data to an indefinite number of persons.
1.10. Provision of personal data is the actions aimed at disclosure of personal data to a certain person or a certain circle of persons.
1.11. Blocking of personal data is temporary cessation of processing of personal data (except in cases where the processing is necessary to clarify personal data).
1.12. Destruction of personal data is the actions as a result of which it becomes impossible to restore the content of personal data in the information system of personal data and (or) as a result of which material media bearing the personal data are destroyed.
1.13. Personal data information system (CDIS) is a set of personal data contained in databases and ensuring their processing of information technologies and technical means.
2. Use of the web content sarrz.com
2.1. Copying of text and graphic information of the site is allowed only for personal use by the user of the Site.
2.2. Copying and using of content from the site to
2.3. Commercial use of the Site by its users is prohibited.
2.4. Copying and attempts to break Program Code used in the site development are prohibited.
2.5. It is forbidden to use website design elements, corporate identity, logo of sarrz.com. Intellectual property rights are protected.
2.6. It is forbidden to send spam on behalf of the Site.
2.7. It is forbidden to specify personal data, including contact details, other Users or other persons without prior consent when registering on the Website.
3. Personal data processing
If the User of the site has passed the registration procedure and provided the Administrator with his / her personal data, he / she automatically agrees to its processing, storage and use.
The administrator processes personal data for the following purposes:
- User identification is registered at the site sarrz.com for ordering and (or) conclusion of the Contract of sale;
Granting the User access to personalized resources of the Site;
- Establishing feedback with the User, including sending notifications, requests relating to the use of the website, the provision of services, the processing of requests from the User;
- Determining the location of the User to ensure security and prevent fraud;
- Confirmation of the authenticity and completeness of the personal data provided by the User;
- Create an account to make purchases if the User has agreed to create an account;
- Website user notifications on Order status;
- Providing the user with effective client and technical support in case of problems related to the use of the website;
- Providing the User with his / her consent, product updates, special offers, price information, newsletter and other information on behalf of the Сompany or on behalf of the company’s partners.
- Implementation of advertising activities with the consent of the User;
- Conclusion, execution and termination of civil contracts with individuals, legal entities, individual entrepreneurs and other persons in cases stipulated by the current legislation of the Russian Federation and the Charter of the Administrator.
4. Principles of personal data processing
The processing of personal data in the Company is based on the following principles:
- The processing of personal data is carried out on a legal and fair basis;
- The processing of personal data is limited to the achievement of specific, predetermined and legal purposes. Personal data processing incompatible with the purposes of personal data collection is not allowed;
- It is not allowed to merge databases containing personal data, the processing of which is carried out for purposes incompatible with each other;
- Only those personal data that meet the purposes of their processing are subject to processing;
- The content and volume of the processed personal data correspond to the stated purposes of processing. The processed personal data are not excessive in relation to the stated purposes of processing;
- When processing of personal data, the accuracy of personal data, their sufficiency, and, where necessary, relevance in relation to the stated purposes of their processing are ensured;
- Storage of personal data is carried out in a form that allows to determine the subject of personal data no longer than required by the purpose of personal data processing, if the period of storage of personal data is not established by Federal law, the contract, the party to which the beneficiary or guarantor for which is the subject of personal data. The processed personal data shall be subject to destruction or depersonalization upon achievement of the purposes of processing or in case of loss of need for achievement of these purposes, unless otherwise provided by the Federal law.
5. Personal data processing conditions
5.1. Processing of personal data is carried out in compliance with the principles and Terms established by the Federal personal data protection law.
5.2. If necessary, the Company may include the personal data of subjects in publicly available sources of personal data, and the Company takes the written consent of the subject to the processing of his/her personal data.
5.3. The Company may process special categories of personal data relating to race, nationality, state of health, and the Company takes on the obligation to accept the subject’s written personal data processing consent.
5.4. Decisions giving rise to legal consequences in relation to the subject of personal data or otherwise affecting his rights and legitimate interests are not taken on the basis of exclusively automated processing of personal data.
5.5. If there is no need for a written personal data processing consent, the consent of the subject may be given by the subject of personal data or his/her representative in any form that allows to obtain the fact of its receipt.
5.6. The Company has the right to entrust the processing of personal data to another person with the personal data processing consent, unless otherwise provided by Federal law, on the basis of an agreement concluded with that person (hereinafter — the order of the Administrator). At the same time, in the agreement the Company obligates the person processing of personal data on behalf of the Company to comply with the principles and Terms of personal data processing provided by this document and Federal law No.
5.7. If the Company assigns processing of personal data to another person, the Company shall be liable to the personal data subject for the actions of that person. The person who processes personal data on behalf of the Company is liable to the Company.
5.8. The Company undertakes and obligates other persons who have gained access to personal data not to disclose personal data to third parties and not to disseminate it without the personal data processing consent, unless otherwise provided by Federal law.
6. Rights of the personal data subject
6.1. In accordance with №
6.1.1 To obtain information regarding the processing of PD by the Administrator, namely:
- Confirmation of personal data processing by the Administrator;
- Legal grounds and purposes of personal data processing;
- Purposes and methods of personal data processing applied by the Administrator;
- Name and location of the Administrator, information about persons (except for the Administrator’s employees) who have access to personal data or who may be disclosed personal data on the basis of an agreement with the Administrator or on the basis of Federal law;
- Processed personal data relating to the relevant subject of personal data, the source of their receipt, unless another procedure for the submission of such data is provided for by Federal law;
- Terms of processing of personal data, including their storage;
- The procedure for the implementation of the subject of personal data rights provided by №
152-FZ«On personal data»;
- Information on the transboundary data transfer that has been or is being planned;
- Name or surname, name, patronymic and address of the person performing the processing of personal data on behalf of the Administrator, if the processing is entrusted or will be entrusted to such person;
- Other data provided by №
152-FZ«On personal data» or other Federal laws.
6.1.2.To require the Administrator to specify his / her personal data, block it or destroy it if the personal data are incomplete, outdated, inaccurate, illegally obtained or are not necessary for the stated purpose of processing;
6.1.3. To object to making decisions that give rise to legal consequences on the basis of exclusively automated processing of personal data;
6.1.4. To revoke personal data processing consent in cases provided for by law.
6.2. The right of the subject of personal data to access his / her personal data may be restricted in accordance with the Federal laws of the Russian Federation.
7. Obligations Of The Company
7.1. In accordance with the requirements of Federal law №
7.1.1. Provide the subject of personal data, upon request, with information concerning the processing of his/her personal data, or legally refuse to provide;
7.1.2. At the request of the subject of personal data, specify the processed personal data, block or delete if the personal data are incomplete, outdated, inaccurate, illegally obtained or are not necessary for the stated purpose of processing.
7.1.3. Keep a Log of the requests of personal data subjects, which should record the requests of personal data subjects for personal data, as well as the facts of the provision of personal data for these requests.
7.1.4. Notify the subject of personal data on the processing of personal data in the event that personal data was not received from the subject of personal data. With the exception of the following cases:
- The data subject is informed of the implementation of the processing of personal data by the relevant Administrator;
- PD are received by the Company on the basis of the Federal law or in connection with performance of the contract which party or the beneficiary or the guarantor on which is the subject of PD;
- PD are made publicly available by the PD subject or obtained from a publicly available source;
- The company carries out processing of PD for statistical or other research purposes, for carrying out professional activity of the journalist or scientific, literary or other creative activity if it does not violate the rights and legitimate interests of the subject of PD;
- Providing the PD subject with the information contained in the PD processing Notification violates the rights and legitimate interests of third parties.
7.1.5. In case the purpose of personal data processing is achieved, immediately terminate the processing of personal data and destroy the relevant personal data within a period not exceeding thirty days from the date of achievement of the purpose of personal data processing, unless otherwise provided by the agreement to which the personal data subject is a party, beneficiary or guarantor, other agreement between the Company and the personal data subject or if the Company is not entitled to, provided by №
7.1.6. In case of withdrawal of personal data processing consent by the subject of personal data, terminate the processing of personal data and destroy personal data within a period not exceeding thirty days from the date of receipt of the withdrawal, unless otherwise provided by the agreement between the Company and the subject of personal data. The Company is obliged to notify the subject of personal data about the destruction of personal data.
7.1.7. In case of requirement of the subject on the termination of personal data processing in the purpose of promotion of goods, works and services in the market to immediately stop the processing of personal data.
8. Measures to ensure the security of personal data during their processing
8.1. When processing personal data, the Company takes the necessary legal, organizational and technical measures to protect personal data from unauthorized or accidental access, destruction, modification, blocking, copying, provision, distribution of personal data, as well as from other illegal actions with respect to personal data.
8.2. Ensuring the security of personal data is achieved by, in particular:
- Identification of threats to the security of personal data during their processing in personal data systems;
- Application of organizational and technical measures to ensure the security of personal data during their processing in personal data systems required to meet the requirements for the protection of personal data, the execution of which provides the levels of protection of personal data established by the Government of the Russian Federation;
- Application of the information security tools passed the established compliance verification procedure;
- Estimation of efficiency of measures taken to ensure the security of personal data before the commissioning of the personal data system;
- Taking into account machine personal data carriers;
- Detection of unauthorized access to personal data and taking measures;
- Recovery of personal data modified or destroyed as a result of unauthorized access to them;
- Establishing Terms of access to personal data processed in the personal data systems, as well as ensuring the registration and accounting of all actions performed with personal data in the personal data systems;
- Control over the measures taken to ensure the security of personal data and the level of security of personal data systems.
9.1. The company has the right to amend these Terms.
9.2. When making amendments, the date of the last revision of the edition is indicated in the Terms header. The new version of the Terms comes into force from the moment of its posting on the Company’s website, unless otherwise provided by the new version of the Terms.